package com.xuan.selectcourse.security;

import org.springframework.ui.Model;
import org.springframework.web.filter.GenericFilterBean;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.IOException;
//自定义拦截器到security过滤链中
@WebFilter(urlPatterns = {"/user/login","/admin_login"})
public class BeforeLoginFilter extends GenericFilterBean {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request=(HttpServletRequest) servletRequest;
        String uri=request.getRequestURI();
        HttpSession session=request.getSession();
        String code=request.getParameter("code");
        if (uri.indexOf("/admin_login")!=-1 || uri.indexOf("/checkCode")!=-1 || session.getAttribute("username")!=null){
            filterChain.doFilter(servletRequest,servletResponse);
        }else {
            String checkCode=(String) session.getAttribute("checkCode");
            if (checkCode==null){
                filterChain.doFilter(servletRequest,servletResponse);
            }else {
                if (checkCode.equalsIgnoreCase(code)){
                    session.setAttribute("username",request.getParameter("username"));
                    filterChain.doFilter(servletRequest,servletResponse);
                }else {
                    request.getRequestDispatcher("redirect:/admin_login").forward(servletRequest,servletResponse);
                }
            }

        }
    }
}
